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Platform 


Network Automation Workshop 


Introduction to Ansible for network engineers and operators 


б, Red Hat 


Housekeeping 


e Timing 
e Breaks 


e Takeaways 


< RedHat 


What you will learn 


e Introduction to Ansible automation 

e How Ansible works for network automation 

e Understanding Ansible modules and playbooks 
e Executing Ansible playbooks to: 


o Make configuration changes 
o Gather information (Ansible facts) 
e Using Jinja to template network configurations 


e Using Ansible Tower to scale automation to the enterprise 


Ф RedHat 


"A Red Hat 
Ansible Automation 


Introduction M 


Topics Covered: 


e Whatis the Ansible Automation Platform? 


e Whatcanit do? 
e Why Network Automation? 


e How Ansible Network Automation works 


< RedHat 


Automation happens when one person meets a 
problem they never want to solve again 


< RedHat 


Teams are automating... 


ёз ёз ёз 49 €9 42? 


Lines Of Business Network Security Operations Developers Infrastructure 


Ad-hoc Automation is happening in silos 


Ansible used insilo 


— — — —— DIY scripting automation E organic 
automation enough? 


Open source config 
management tool 


Proprietary vendor supplied 
automation 


Network 


т 


Simple 


Human readable automation 
No special coding skills needed 
Tasks executed in order 
Usable by every team 


Get productive quickly 


Why Ansible? 


Powerful 


App deployment 
Configuration management 
Workflow orchestration 
Network automation 


Orchestrate the app lifecycle 


fal 
= 


Agentless 


Agentless architecture 

Uses OpenSSH & WinRM 

No agents to exploit or update 
Get started immediately 


More efficient & more secure 


< RedHat 


What can I do using Ansible? 


Automate the deployment and management of your entire IT footprint. 


Do this... 


Configuration Application Continuous Security and 


Orchestration Provisioning 


Management Deployment Delivery Compliance 


On these... 
Firewalls Load Balancers Applications Containers Clouds 
Servers Infrastructure Storage Network Devices And more... 


dë RedHat 


When automation crosses teams, 
you need an automation platform 


Ф ` 


Lines Of Business Infrastructure 


ie 


d d 


Security Operations 


Red Hat Ansible Automation Platform 


| PS 
«9 Operations Infrastructure Developers 


Engage Ansible SaaS: Engage users with an automation focused experience 


Scale Ansible Tower: Operate & control at scale 


Create Ansible Engine: Universal language of automation 


OS Fueled by an open source community 


Network e о! Security 
business 


< RedHat 


Cloud 


AWS 

Azure 

Digital Ocean 
Google 
OpenStack 
Rackspace 
+more 


Operating 
Systems 
RHEL 
Linux 
Windows 
+more 


Ansible automates technologies you use 
Time to automate is measured in minutes 


Virt & Container 


Docker 
VMware 
RHV 
OpenStack 
OpenShift 
+more 


Storage 
Netapp 

Red Hat Storage 
Infinidat 

+more 


Windows 


ACLs 
Files 
Packages 
IIS 
Regedits 
Shares 
Services 
Configs 
Users 
Domains 
*more 


Network 


A10 
Arista 
Aruba 
Cumulus 
Bigswitch 
Cisco 
Dell 
Extreme 
F5 
Lenovo 
MikroTik 
Juniper 
OpenSwitch 
+more 


Security 


Checkpoint 
Cisco 
CyberArk 
F5 

Fortinet 
Juniper 
IBM 

Palo Alto 
Snort 
+more 


Monitoring 


Dynatrace 
Datadog 
LogicMonitor 
New Relic 
Sensu 

+more 


Devops 
Jira 
GitHub 
Vagrant 
Jenkins 
Slack 
+more 


Red Hat Ansible Tower Financial summary: 


146% 


O Reduction in recovery time following 
О а security incident 
ROI on Ansible Tower 
O Savings by deploying workloads 
4 No to generic systems appliances 
using Ansible Tower < | ‹ М О NTHS 


O Reduction in man hours required А 
б ү Yo for customer deliveries Payback on Ansible Tower 


SOURCE: "The Total Economic Impact™ Of Red Hat Ansible Tower, a June 2018 commissioned study conducted by Forrester Consulting on behalf of Red Hat." <, Реа Hat 
redhat.com/en/engage/total-economic-impact-ansible-tower-20180710 


Source: Gartner, Look yond Network Vendors for Innovation. January 2018 
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For operators, not 
developers 


Download and go 


Existing knowledge reuse 


WHY ANSIBLE? 


(for networks) 


м 
POWERFUL 


Connect via Plugins 
Easy platform enablement 


Leverage Linux tools 


AGENTLESS 


Ideal for network gear 


No agents to exploit or 
update 


Standards-based SSH 


< RedHat 


ANSIBLE NETWORK AUTOMATION 


65+ 1000+ 15° 


Network Network Galaxy 
Platforms Modules Network Roles 


ansible.com/for/networks 
galaxy.ansible.com/ansible-network 


*Roles developed and maintained by Ansible Network Engineering ~ RedHat 


Common use cases 


Backup and Restore | Configuration Compliance | Dynamic Documentation 


e Schedule backups | e Check configuration ! e Build reports 

e Restore from any : standards | e Grab software versions, 
timestamp e Track configuration drift MTU, interfaces status 

e Build workflows that e Enforce configuration e Audit system services and 
rollback policy other common config 


& Red Hat 


. How Ansible Network Automation works 


Module code is 


Module code is 


е, 


E OO 
o XE 


CONTROL NODE 


LOCAL EXECUTION 


Qs 


CONTROL NODE 


REMOTE EXECUTION 


NETWORKING 
DEVICES 


LINUX/WINDOWS 
HOSTS 


@ RedHat 


(3 RedHat 
Ansible Automation 
Platform 


Red Hat Ansible Engine: 
Universal language 


of automation 


< RedHat 


Red Hat Ansible Automation Platform 


orn Simple Powerful Agentless 
Human readable automation Thousands of integrations No agents to exploit or update 


dë RedHat 


Exercise 1 


Topics Covered: 
e Understanding Inventory 


e Anexample Ansible Playbook 


"A Red Hat 
Ansible Automation 
Platform 


< RedHat 


PUBLIC / PRIVATE 
CLOUD PUBLIC / PRIVATE 


CLOUD 


ANSIBLE AUTOMATION ENGINE 


HOSTS 
INVENTORY 
MODULES PLUGINS 
NETWORK 
DEVICES 


ANSIBLE 
PLAYBOOK 


<, Red Hat 


PLAYBOOKS ARE WRITTEN IN YAML 
Tasks are executed sequentially 
Invoke Ansible modules 


ANSIBLE 
PLAYBOOK 


<, Red Hat 


MODULES ARE “TOOLS IN THE TOOLKIT” 
Python, Powershell, or any language 
Extend Ansible simplicity to the entire stack 


MODULES 


- name: latest index.html file is present 
template: 
src: files/index.html 
dest: /var/www/html/ 


<, Red Hat 


PLUGINS ARE “GEARS IN THE ENGINE” 
Code that plugs into the core engine 
Adaptability for various uses & platforms 


LI 


PLUGINS 
Y 


{{ some variable | to nice yaml }} 


<, Red Hat 


[web ] 
webserver1.example.com 
webserver2.example.com 


[db] 
dbserver1.example.com и NN INVENTORY 


[switches] 
leaf01.internal.com 
leaf02.internal.com 


[firewalls] 
checkpoint01.internal.com 


[1b] 
f5-01.internal.com 


INVENTORY 
List of systems in your infrastructure that 
automation is executed against 


CLI 


<, Red Hat 


Understanding Inventory 


Coch Те ОФ 220222225 - 
POr Бе EE Eer AA 
e E RE E у 
гта ansrble host-35.16.02«251 
Cero 

CLEO 


< RedHat 


Understanding Inventory - Groups 


There is always a group called "all" by default 


[cisco] 
КЕГІ angible bost=-le.220.196.59 Private 1p9172.16.1954,1964 


[arista] 
Pera ansible. hoOSUt-198.22140941]1 private ір-112;17:229,213 


Per. anstble hoste2.16.0252291 Private 1p59172.17.,20941896 


[juniper] 
BLES ansible: hostel2.99.242.257 pDrryate xpel/2.16.99579 


Groups can be nested 


[routers:children] 
CISCO 

juniper 

arista 


< RedHat 


Understanding Inventory - Variables 


Host variables apply to the 
host and override group vars 


[cunei 
Tiri ansible hosteo2.149.2090.176 private rp9172.16.9592:2493 


[arista] 
EE ansible Nhostelo.221.19D.L92 private xp-el724174299494 
rtr4 ansible host-18.188.124.127 private ip-172.17.43.134 


[juniper] 
ТІІЗ ansible. hoste3.15.11,.56 private 1p=1/2.16.94.233 


[cisco:vars] 
ansible user-ec2-user Group variables apply for all 


ansible network os-ios devices in that group 


ansible connectlonsenetwork cli 


< RedHat 


A Sample Ansible Playbook 


- name: deploy vlans e Playbook is a list of plays. 


hosts: cisco 


e Each play is a list of tasks. 
gather facts: no 


e Tasks invoke modules. 


tasks: | e A playbook can contain more than 
- name: ensure vlans exist 
nxos vlan: one play. 


vlan id: 100 
admin state: up 
name: WEB 


< RedHat 


(3 RedHat 
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Platform 


Exercise 1- Exploring the lab environment 


In this lab you will explore the lab environment and build familiarity with the 
lab inventory. 


Approximate time: 10 mins 


б, Red Hat 


Exercise 2 


Topics Covered: 
e AnAnsible Play 
e Ansible Modules 


e Running an Ansible Playbook 


"A Red Hat 
Ansible Automation 
Platform 


< RedHat 


An 


Ansible Playbook Example 


name: snmp ro/rw string configuration 
hosts: cisco 
gather facts: no 


tasks: 
- name: ensure snmp strings are present 


lines: 
- snmp-server community ansible-public RO 
- snmp-server community ansible-private RW 


< RedHat 


Ansible Playbook - Play definition 


e The name parameter describes the Ansible Play 
e Target devices using the hosts parameter 
e Optionally disable gather. facts 


- name: snmp ro/rw string configuration 
hosts: cisco 


gather facts: no 


< RedHat 


Modules 


Modules do the actual work in Ansible, they are what 
gets executed in each playbook task. 


e Typically written in Python (but not limited to it) 


tasks: 
- name: ensure snmp strings are present 
ios config: 
commands : 
- snmp-server community ansible-public RO 
- snmp-server community ansible-private RW 


< RedHat 


Network modules 


Ansible modules for network automation typically references the vendor OS 
followed by the module name. 


Arista EOS = eos * 


e * facts | 
e * command | Cisco IOS/IOS-XE = ios * 
e * config | Cisco NX-OS = nxos * 

|. Cisco lOS-XR = iosxr. * 
More modules depending on | F5 BIG-IP = bigip_* 
platform | 


F5 BIG-IQ = bigiq * 
Juniper Junos = junos * 
VyOS = vyos * 
< RedHat 


- name: s 
hosts: cisco 
gather facts: no 


ro/rw string 


tasks: 
- name: ensure 
ios config: 
commands: 
- snmp-server community ansible-public RO 
- snmp-server community ansible-private RW 


[studentl@ansible networking-workshop]$ ansible-playbook playbook.yml 


PLAY [snmp ro/rw string configuration] ****XXdXXXd ok kk kk ХХХ kk Ck kk kk ЖКА ЖОК ЖОК ЖОЖ k Ж Ж 


TASK [ensure that the desired snmp strings are present] Ck Ck Ck C CK CIC CC CK CK CIC CC CC E A A ke Kk Kk kx A A A ko ko ko ko ko 


changed: [rtr1] 


PLAY RECAP kkkkkkkkkkkkkěýákkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkxk 


rtri changed-1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 


= RedHat 


Displaying output 


[studentl@ansible networking-workshop]$ ansible-playbook playbook.yml -v 
Using /home/studentl/.ansible.cfg as config file 


PLAY [snmp ro/rw string configuration] ******X***XX* XX X kk КККК E E E E E E E E E E AE AK 
KKKKKKKKKKKKKK IK KIKI KI KK KK I ЖЖ ЖК ЖЖЖ ЖКК Ж 


TASK [ensure that the desired snmp strings are present] 


PLAY RECAP kkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkxkkxkxkxkxkxkxkxkxkxkxkxkxkxkxkkxkxkxkxkxkkkxk*kxx*k 


unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 


Increase the level of verbosity by adding more "v's" -vvvv 


Red Hat 
Ansible Automation 
Platform 


Exercise 2 - Execute your first network 
automation playbook 


In this lab you will use Ansible to update the configuration of routers. This 
exercise will not have you create an Ansible Playbook; you will use an existing 
one. 


Approximate time: 15 mins 


б, Red Hat 


Exercise 3 


Topics Covered: 
ө Ansible Documentation and ansible-doc 
e Facts for Network Devices 


e The debug module 


"A Red Hat 
Ansible Automation 
Platform 


< RedHat 


"Ansible for Network Automation” Documentation 


о Documentation ANSIBLEFEST PRODUCTS COMMUNITY WEBINARS & TRAINING BLOG 


Ansible Docs » Ansible for Network Automation 
2.8 


ies | Ansible for Network Automation 


Ansible Network modules extend the benefits of simple, powerful, agentless automation to network administrators and teams. Ansible Network 
modules can configure your network stack, test and validate existing network state, and discover and correct network configuration drift. 
Installation Guide , : К қ 

If you’re new to Ansible, ог new to using Ansible for network management, start with Getting Started with Ansible for Network Automation. If you 
are already familiar with network automation with Ansible, see Advanced Topics with Ansible for Network Automation. 


Ansible Porting Guides 


User Guide For documentation on using a particular network module, consult the list of all network modules. Some network modules are maintained by the 
Ansible community - here's a list of network modules maintained by the Ansible Network Team. 


Ansible Community Guide е Getting Started with Ansible for Network Automation 
o Basic Concepts 

= Control Node 
Managed Nodes 


Developer Guide 


= Inventory 
Public Cloud Guides = Modules 
Network Technology Guides = Tasks 

= Playbooks 


Virtualization and Containerization 
Guides o How Network Automation is Different 


= Execution on the Control Node 
= Multiple Communication Protocols 
= Modules Organized by Network Platform 


Getting Started with Ansible for Network = Privilege Escalation: enable mode, become ,and authorize 
Automation 


Б Ansible for Network Automation 


о Run Your First Command and Playbook 
Advanced Topics with Ansible for = Prerequisites 

Network Automation = Install Ansible 
Developer Guide for Network = Establish a Manual Connection to a Managed Node 


Automation = Run Your First Network Ansible Command 


al 
http://bit.ly/AnsibleNetwork @ RedHat 


Module Documentation 


Docs » Module Index 


Documentation is required as 


part of module submission Madale Indes 


• All Modules 


Multiple Examples for every емінен 
module | 


e Commands Modules 
e Crypto Modules 
© 5 e Database Modules 
Broken into relevant sections © Files Modules 
e Identity Modules 
e Inventory Modules 
e Messaging Modules 
e Monitoring Modules 
e Network Modules 
e Notification Modules 
e Packaging Modules 
е Remote Management Modules 
е Source Control Modules 
е Storage Modules 


Clustering Modules 


e System Modules 

e Utilities Modules 

e Web Infrastructure Modules 
е Windows Modules 


service - Manage services. 


* Synopsis 
* Options 
e Examples 
o Status 
o Support 
Synopsis 
© Controls services on remote hosts. Supported init systems include BSD init, OpenRC, SysV, Solaris SMF, systemd, upstart. 
Options 
parameter | required | default | choices comments 
arguments |no Additional arguments provided on the command line 
aliases: args 
enabled по + yes Whether the service should start on boot. At least one of state and enabled are required. 
* no 
name yes Name of the service, 
pattern по If the service does not respond to the status command, name a substring to look for as 
would be found in the output of the ps command as a stand-in for a status result. If the 
—_— TN string is found, the service will be assumed to be running. 
runlevel no default For OpenRC init scripts (ex: Gentoo) only. The runlevel that this service belongs to. 
sleep no Ifthe service is being restarted then sleep this many seconds between the stop and start 
(added in 1.3) command. This helps to workaround badly behaving init scripts that exit immediately 
after signaling a process to stop. 
state no * started started / stopped. are idempotent actions that will not run commands unless necessary. 
e stopped | resterted will always bounce the service. reloaded will always reload. At least one of 
. restarted | State and enabled are required. Note that reloaded will start the service if it is not 
rted | already started, even if your chosen init system wouldn't normally. 
* reloaded 
use no auto The service module actually uses system specific modules, normally through auto 
(added in22) detection, this setting can force a specific module. 
Normally it uses the value of the'ansible service mgr' fact and falls back to the old 
‘service’ module when none matching is found. 


https://docs.ansible.com/ 


Documentation right on the command line 


5 ansible-doc -1 

іов Баппег Manage multiline banners оп Cisco IOS devices 
ios_command Run commands on remote devices running Cisco IOS 
ios config Manage Cisco IOS configuration sections 


$ ansible-doc ios command 


> IOS COMMAND 


Sends arbitrary commands to an ios node and returns the results read from the 
device. This module includes an argument that will cause the module to wait for a 
specific condition before returning or timing out if the condition is not met. This 
module does not support running commands in configuration mode. Please use 

[ios config] to configure IOS devices. 


Options (= is mandatory): 


= RedHat 


Fact modules 


--------- eos facts 


——————>» ios facts 


-------> junos facts 


E Red Hat 


rtrl#show version 

Cisco IOS XE Software, Version 16.09.02 

Cisco IOS Software [Fuji], Virtual XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.9.2, RELEASE SOFTWARE (fc4) 
Technical Support: http://www.cisco.com/techsupport 

Copyright (c) 1986-2018 by Cisco Systems, Inc. 

Compiled Mon 05-Nov-18 19:26 by mcpre 


«rest of output removed for brevity> 


[studentl@ansible ~]S ansible -m ios facts rtr1 
.««abbreviated output» » 


"ansible net iostype": "IOS-XE", 
"ansible net memfree mb": 1853921, 
"ansible net memtotal mb": 2180495, 
"ansible net model": "CSR1000V", 
"ansible net neighbors": (), 
"ansible net python version": "2.7.5", 
"ansible net serialnum": "964A1HODIRM", 
"ansible net system": "ios", 
"ansible net version": "16.09.02", 


= RedHat 


Ansible Fact Playbook Example 


- name: gather information from routers 
hosts: cisco 
gather facts: no 


tasks: 
- name: gather router facts 
ios facts: 


< RedHat 


[studentl@ansible networking-workshop]$ ansible-playbook facts.yml 


PLAY [gather information from routers] **R RRR RRR k k k RRR KK k k k KR KR k k k RK IK k k k k k k KK k k k RK KK k k ЖК 


TASK [gather router facts] kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkxk 


PLAY RECAP *ž*ž*ž*žx*žkžxkžxkxkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk 


changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 


e What did this Ansible Playbook do? 
ө Where are the facts? 
e How до luse the facts? 


= RedHat 


Running the Ansible Playbook with verbosity 


[studentl@ansible networking-workshop]$ ansible-playbook facts.yml -v 


PLAY [gather information from routers] ** RRR RR RRR k k k KR KR KR RIK IK KK KR Ж 
Using /home/student1/.ansible.cfg as config file 


TASK [gather router facts] Ххх ХХХ ХХХ ХХХ ХХХ ХХХ ХХХ ХХХ ХХ ХХХ ХХХ ХХХ ХХХ ХХХ ХХ ХХХ ХХХ ХХХ ХХХ ХХХ kock kk kk 


PLAY RECAP *ž*ž*ž*žx*šžkžxkžxkxkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk 


changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 


Displaying output - The “debug” module 


‘programming languages. Variables are accessed using 11H - 


quoted curly braces 


- name: display version 
debug: 
msg: "The IOS version is: {{ ansible net version }}" 


- name: display serial number 


debug: 
msg: "The serial number is: {{ ansible net serialnum jj" 


< RedHat 


Running the Ansible Playbook with verbosity 


[studentl@ansible networking-workshop]$ ansible-playbook facts.yml 


PLAY [gather information from routers] Ххх ХХХ ХХХ ХХХ ХХХ ХХХ ХХХ ХХХ ХХ ХХХ ХХХ ХХХ ХХХ ХХХХХХХХ k kk kk 


TASK [gather router facts] Ххх ХХХ ХХХ ХХХ ХХХ KEK KEKE KK ХХ ХХХ ХХХ ХХХ ХХХ ХХХ ХХ ХХХ ХХХ ХХХ ХХХ ХХХ ХХХ К А 


TASK [display version] kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkxk 
TASK [display serial number] kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk 


PLAY RECAP *ž*ž*ž*xž*žxkšžkžxkžxkxkxkxkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk 


changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 


Build reports with Ansible Facts 


Model Type Mgmt0 IP Address Code Version 


Nexus9000 9000v Chassis 192.168.2.3 7.0(3)17(1) 


Nexus9000 9000v Chassis 192.168.2.4 7.0(3)17(1) 


Nexus9000 9000v Chassis 192.168.2.5 7.0(3)17(1) 


Nexus9000 9000v Chassis 192.168.2.6 


Nexus9000 9000v Chassis 192.168.2.7 7.0(3)17(1) 


Nexus9000 9000у Chassis 192.168.2.8 7.0(3)17(1) 


< RedHat 
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Exercise 3 - Ansible Facts 


Demonstration use of Ansible facts on network infrastructure. 


Approximate time: 15 mins 


б, Red Hat 


Exercise 4 


Topics Covered: 
e Understand group variables 
e Understand Jinja2 


e cli config module 


"A Red Hat 
Ansible Automation 
Platform 


< RedHat 


Group variables 


Group variables are variables that are common between two or more devices. 
Group variables can be associated with an individual group (e.g. "сіѕсо") or a nested 
group (e.g. routers). 


Examples include 

e NTP servers 

e DNS servers 

e SNMP information 


Basically network information that is common for that group 


Ф RedHat 


Inventory versus group_ vars directory 


Group variables can be stored in a directory called group_vars in YAML syntax. In 
exercise one we covered host vars and group. vars with relationship to inventory. 


What is the difference? 


Inventory 


Can be used to set variables to connect 
and authenticate to the device. 


Examples include: 
e Connection plugins (e.g. network cli) 
e Usernames 
e Platform types 
(ansible network os) 


group. уагв 


Can be used to set variables to configure 
on the device. 


Examples include: 
e VLANs 
e Routing configuration 
e System services (NTP, DNS, etc) 


< RedHat 


Examining a group_vars file 


At the same directory level as the Ansible Playbook create a folder named group_vars. 
Group variable files can simply be named the group name (in this case all.yml) 


[studentl@ansible networking-workshop]$ cat group vars/all.yml 


nodes: 
rtril: 


Loopback100: 


rtr2: 


Loopback100: 


rtr3: 


Loopback100: 


rtr4: 


Loopback100: 


"02. 


iso. 


"is 


"LIZ 


1524 


22208, 


168. 


168. 


100; 


100 


100 


100. 


TH 


M^ 


CHA 


ZH 


Ф RedHat 


Jinja2 
e Ansible has native integration with the Jinja2 templating engine 


e Render data models into device configurations 
e Render device output into dynamic documentation 


Jinja2 enables the user to manipulate variables, apply conditional 
logic and extend programmability for network automation. 


Ed Jinja 


< RedHat 


Network Automation contig modules 


cli_config (agnostic) 


ios config: 

nxos config: 

iosxr. config: 
eos config 

| 


*os config: 


< RedHat 


Jinja2 Templating Example (1/2) 


Variables Jinja2 Template 
ntp server: 192.168.0.250 | 
name server: 192.168.0.251 nep Server EE server, | 


ip name-server папе Server! 
| 


Generated Network Configuration 
rtr1 rtrX 


ip name-server 192.168.0.251 ip name-server 192.168.0.251 
! ! 


ntp server 192.168.0.250 ntp server 192.168.0.250 


Ф RedHat 


Jinja2 Templating Example (2/2) 


Variables Jinja2 Template 
nodes: {6 for interface,ip in nodes[inventory hostname] .items () 
rtrl: 5} 
Loopback100: "192.168.100.1" interface {{interface}} 
rtr2: lp address {{1р}} 255.255.255.255 
Loopback100: "192.168.100.2" (% endfor %) 
rtr3: 
Loopback100: "192.168.100.3" 
rtr4: 
Loopback100: "192.168.100.4" 


Generated Network Configuration 


rtr] й rtr2 B rtrX 


interface Loopback100 interface Loopback100 interface Loopback100 
ip address 192.168.100.1 ip address 192.168.100.2 ip address X 


The cli_contig module 
Agnostic module for network devices that uses the network_cli 
connection plugin. 


- name: configure network devices 
hosts: rtrl,rtr2 
gather facts: false 
tasks: 
- name: configure device with config 
cli config: 
config: "{{ lookup('template', 'template.j2') }}" 


< RedHat 


Red Hat 
Ansible Automation 
Platform 


Exercise 4 - Network Configuration with Jinja 
Templates 


Demonstration templating a network configuration and pushing it a device 


Approximate time: 15 mins 


б, Red Hat 


Tower Introduction 


Topics Covered: 
e What is Ansible Tower? 
e Job Templates 


о Inventory 
o Credentials 
о Projects 


"A Red Hat 
Ansible Automation 


Platform 


< RedHat 


Red Hat Ansible Automation Platform 


Se Control Delegation Scale 
Web UI and API Role Based Access Controls Scalable Execution Capacity 


< RedHat 


@ tower 


= DASHBOARD 


Ansible Tower is a Ul and RESTful API allowing 
you to scale IT automation, manage complex 


3691 | 83 | 3 0 3 0 | 
deployments and speed productivity. - mu B ai B m 
* Role-based access control н 
* Deploy entire applications with E 
push-button deployment access 2 wé 
= 
RECENTLY USED TEMPLATES VIEW ALL RECENT JOB RUNS 
* All automations are centrally logged oi ` ` ШЮШШШШШ ЕЕ ` 0) бастии —Ó 
Rollback deployment — mammam um um ux NN ж” Ө Rollback deployment 1/23/2019 4:38:35 PM 


Deploy to development — aM mmm m 3 Ө Deploy to development 1/23/2019 4:38:19 PM 


$ p > 


* Powerful workflows match your IT processes 


< RedHat 


Push button 


An intuitive user interface experience 
makes it easy for novice users to 
execute playbooks you allow them 
access to. 


Enterprise integrations 


Integrate with enterprise authentication 
like TACACS+, RADIUS, Azure AD. Setup 
token authentication with OAuth 2. 
Setup notifications with PagerDuty, 
Slack and Twilio. 


Red Hat Ansible Tower 


RESTful API 


With an API first mentality every feature 
and function of Tower can be API driven. 
Allow seamless integration with other 
tools like ServiceNow апа Infoblox. 


Centralized logging 


All automation activity is securely 
logged. Who ran it, how they customized 
it, what it did, where it happened - all 
securely stored and viewable later, or 
exported through Ansible Tower's API. 


RBAC 


Allow restricting playbook access to 
authorized users. One team can use 
playbooks in check mode (read-only) 
while others have full administrative 
abilities. 


Workflows 


Ansible Tower's multi-playbook 
workflows chain any number of 
playbooks, regardless of whether they 
use different inventories, run as different 
users, run at once or utilize different 
credentials. 


< RedHat 


Ansible Automation Platform 


о о о о ШЕННЕН 
. : : .... = GE К >. ANSIBLE CLI & CI SYSTEMS 
ANSIBLE PLAYBOOKS 


CLOUD.REDHAT.COM 


ROLE-BASED KNOWLEDGE SCHEDULED & 
ANSIBLE ACCESS CONTROL & VISIBILITY CENTRALIZED JOBS 


TOWER 
SIMPLE USER INTERFACE TOWER API 
Y 


PEE OPENSOURCE MODULE LIBRARY 
Segel vuam ` Leneoncoeroaeg 


PLUGINS 
(2 — TRANSPORT | 


SSH, WINRM, NETWORK СИ, HTTPAPI 


AUTOMATION 
HUB 


AUTOMATION 
ANALYTICS 


INFRASTRUCTURE NETWORK SECURITY CLOUD SERVICES APP DEVELOPMENT 


AUTOMATE LINUX, ARISTA, CHECKPOINT, AWS, DATABASES, PYTHON VENV, 
YOUR OPENSHIFT, CISCO, QRADAR, GOOGLE CLOUD, LOGGING, NPM, 
ENTERPRISE WINDOWS, JUNIPER SNORT AZURE, SOURCE CONTROL YUM, 
VMWARE, INFOBLOX ape IBM CLOUD ... MANAGEMENT... APT, 
OPERATORS, F5.. FORTINET. PIP... 
CONTAINERS... 


-------і | CASES | s= | k | | $ 1 7 ` v ` s Ф | | 


CONFIGURATION APP CONTINUOUS SECURITY & 
PROVISIONING RCHESTRATION 
9 MANAGEMENT DEPLOYMENT DELIVERY COMPLIANCE 9 & Red Hat 


Red Hat 
Ansible ` 


JOB STATUS 


Tower 


FEATU RE OVERVI EW: RECENTLY USED TEMPLATES VIEW ALL RECENT JOB RUNS VIEW ALL 


NA ACTIONS NAME TIME 
Deployment pipeline Deployment pipeline 1/23/2019 4:38:36 
О е Im c e ollback deploymen 3 Roll deployment 1/23/2019 4:38:35 

Deploy to development 4 Deploy to deve ent 1/23/2019 4:38:19 PM 


Test application mmm mmm mmm 3 Test application 1/23/2019 4:38:18 PM 


Deploy database 3 Ф Deploy database 1/23/2019 4:38:05 PM 


Everything in Ansible Tower revolves around the 
concept of a Job Template. Job Templates 
allow Ansible Playbooks to be controlled, 
delegated and scaled for an organization. 


Job templates also encourage the reuse of 
Ansible Playbook content and collaboration 
between teams. 


B 
& 
e 
= 
A 
ж. 


TEMPLATES / Azure Linux УМ Spinup 


Azure Linux VM Spinup 


DETAILS PERMISSIONS 


* NAME 


Azure Linux VM Spinup 


* INVENTORY @ 


Q | Prod 


CREDENTIAL @ 


* VERBOSITY @ 


0 (Normal) 


LABELS Ө 


TIMEOUT Ө 
D 


NOTIFICATIONS 


EXTRA VARIABLES Ө KA Ison | 


COMPLETED JOBS SCHEDULES 


DESCRIPTION 


* PROJECT @ 


Q | fest19-demo 


FORKS Ө 


0 


d JOB TAGS Ө 


INSTANCE GROUPS @ 
Q 


SHOW CHANGES Ө 


a adr 


+ JOB TYPE Ө 


Run 
* PLAYBOOK @ 


azure spinup.yml 


LIMIT @ 


SKIP TAGS Ө 


JOB SLICING @ 


1 


OPTIONS 

Г) ENABLE PRIVILEGE ESCALATION Ө 
ALLOW PROVISIONING CALLBACKS 

Г) ENABLE CONCURRENT JOBS Ө 

71 USE FACT CACHE Ө 


< RedHat 


Inventory is a collection of hosts (nodes) with 
associated data and groupings that Ansible Tower 
can connect to and manage. 


Hosts (nodes) 

Groups 

Inventory-specific data (variables) 
Static or dynamic sources 


DETAILS 


INVENTORIES 


INVENTORIES / Workshop Inventory / HOSTS 


Workshop Inventory 


PERMISSIONS 


HOSTS * 


ansible 


GROUPS HOSTS SOURCES COMPLETED JOBS 
KEY 


RELATED GROUPS 


ORGANIZATION % 


< RedHat 


Ө tower 


CREDENTIALS / EDIT CREDENTIAL 


Credentials are utilized by Ansible Tower for 
authentication with various external resources: 


Workshop Credential 


DETAILS PERMISSIONS 


*NAME @ DESCRIPTION @ ORGANIZATION 


Co n n ecti n g to re m ote m a C h | n es to ru n jo bs Workshop Credential 0. | REDHAT NETWORK ORGANIZATION 


* CREDENTIAL TYPE @ 


Syncing with inventory sources нинин 
Importing project content from version GE SSC ZER 


SSH PRIVATE KEY 


control systems 
e Connecting to and managing network 
devices 


ENCRYPTED 


SIGNED SSH CERTIFICATE HINT: Drag and drop private file on the field below. 


Centralized management of various credentials 
allows end users to leverage a secret without 
ever exposing that secret to them. 


PRIVATE KEY PASSPHRASE 71 Prompt on launch PRIVILEGE ESCALATION METHOD Ө PRIVILEGE ESCALATION USERNAME 


< RedHat 


t 


A project is a logical collection of Ansible 
Playbooks, represented in Ansible Tower. 


You can manage Ansible Playbooks and 
playbook directories by placing them ina 
source code management system supported 
by Ansible Tower, including Git, Subversion, 
and Mercurial. 


eh oe a ee ш 


Ө tower 


PROJECTS / Workshop Project oí 


* NAME DESCRIPTION * ORGANIZATION 

Workshop Project Q | REDHAT NETWORK ORGANIZATION 
* SCM TYPE 

Git 


SOURCE DETAILS 
* SCM URL Ө SCM BRANCH/TAG/COMMIT SCM CREDENTIAL 
https://github.com/network-automation/tower_workshop Q 
SCM UPDATE OPTIONS 
CLEAN @ 


DELETE ON UPDATE @ 
UPDATE REVISION ON LAUNCH @ 


PROJECTS en 


Expanded | Name (Ascending) v 


Demo Project СТ CS [74] @ 


@ RedHat 
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Exercise 5 - Explore Red Hat Ansible Tower 


Explore and understand the lab environment. Locate and understand: 
e Ansible Tower Inventory 

e Ansible Tower Credentials 

e Ansible Tower Projects 


Approximate time: 15 mins 


б, Red Hat 


Exercise 6 


Topics Covered: 
e Building a Job Template 


e Executing a Job Template 


"A Red Hat 
Ansible Automation 
Platform 


< RedHat 


Job Templates can be found and created by clicking the Templates 
button under the RESOURCES section on the left menu. 


= TEMPLATES 
VIEWS 


c0) аа TEMPLATES @ 


T* Jobs 


Gi Schedules 


Expanded Name (Ascending) v 
D My View 


Demo Job Template Job Template Р; 
RESOURCES 


(4 Templates Network-Commands Job Template # 


Credentials 
Network-Restore Job Template 
Projects 


Inventories Network-System | ` Jop Template 


Inventory Scripts 


Network-Time Job Template 
ACCESS 


Е Organizations 


Network-User Job Template 


an Ф RedHat 


Sei, ITEMS 1-6 
SS "Teams 


Executing an existing Job Template 


Job Templates can be launched by clicking the rocketship K 
button for the corresponding Job Template 


TEMPLATES 
VIEWS 


QR Dashboard TEMPLATES (3 


г Jobs 


ЕЕ Schedules 


Expanded | Name (Ascending) 


(D My View 


Demo Job Template Job Template 
RESOURCES 


(4 Templates Network-Commands Job Template 


©. Credentials 


Network-Restore Job Template 
ER Projects 


éi Inventories Network-System Job Template 
</> Inventory Scripts 

Network-Time Job Template 
ACCESS 


Organizations 


Network-User Job Template 


«ш <, RedHat 


ses ITEMS 1-6 
ес Teams 


Creating anew Job Template (1/2) 


New Job Templates сап be created by clicking the plus button ~~ 


ё admin [i] шы (5 


Е TEMPLATES 
VIEWS 


GR Dashboard TEMPLATES @ 


Jobs 
a Schedules 


[I] My View 


Demo Job Template Job Template * 
RESOURCES 


| Lë Templates 


Network-Commands Job Template 4 
Credentials 

Network-Restore Job Template 7 
Projects 


Inventories Network-System Job Template 7 


Inventory Scripts 


Network-Time Job Template 
ACCESS 


EJ Organizations Network-User Job Template 


М @ RedHat 


Set ITEMS 1-6 
шю Teams 


Creating anew Job Template (2/2) 


This New Job Template window is where the inventory, project and credential 
are assigned. The red asterisk * means the field is required . 


VIEWS 


Ё Dashboard 

Dt Jobs 

Se Schedules 

ПП My View 

RESOURCES 

CZ Templates 
Credentials 
Projects 
Inventories 
Inventory Scripts 

ACCESS 

Organizations 


ө 
e (/5ег5 


3.9 
ө гп 
""- Teams 


ADMINISTRATION 


NEW JOB TEMPLATE 


DETAILS 


* NAME 


* INVENTORY Ө 


Q 


CREDENTIAL @ 


Q 


* VERBOSITY @ 


0 (Normal) 


LABELS @ 


TIMEOUT @ 


0 


COMPLETED JOBS 


PROMPT ON LAUNCH 


PROMPT ON LAUNCH 


PROMPT ON LAUNCH 


SCHEDULES ADD SURVEY 


DESCRIPTION 


* PROJECT Ө 
Q 


FORKS @ 


0 


JOB TAGS Ө PROMPT ON LAUNCH 


INSTANCE GROUPS @ 


Q 


SHOW CHANGES Ө PROMPT ON LAUNCH 


OFF 


* JOB TYPE Ө PROMPT ON LAUNCH 


Run 


* PLAYBOOK @ 


Choose a playbook 


LIMIT Ө PROMPT ON LAUNCH 


SKIP TAGS @ PROMPT ON LAUNCH 


JOB SLICING @ 


1 


OPTIONS 


ENABLE PRIVILEGE ESCALATION @ 
ALLOW PROVISIONING CALLBACKS Ө 


(3 RedHat 
Ansible Automation 
Platform 


Exercise 6 - Creating a Tower Job Template 


Demonstrate a network backup configuration job template for Red Hat Ansible Tower. 


Approximate time: 15 mins 


б, Red Hat 
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Exercise 7 BE 


Topics Covered: 
e Understanding Extra Vars 
e Building a Tower Survey 


e Self-service IT with Tower Surveys 


< RedHat 


Surveys 


Tower surveys allow you to configure how 
а job runs via а series of questions, 
making it simple to customize your jobs in 
a user-friendly way. 


An Ansible Tower survey is a simple 
question-and-answer form that allows 
users to customize their job runs. 
Combine that with Tower's role-based 
access control, and you can build simple, 
easy self-service for your users. 


ADD VLAN 


SURVEY 


* WHICH VLAN DO YOU WANT TO ADD? 


please enter an integer between 1-4094 


* PLEASE PROVIDE A VLAN DESCRIPTION 


CANCEL 


< RedHat 


Creating a Survey (1/2) 


Once a Job Template is saved, the Add Survey Button will appear 


Click the button to open the Add Survey window. 


@ Dashboard 

{% Jobs 

ш Schedules 

TTT My View 
RESOURCES 

(2 Templates 

Ө, Credentials 

Em Projects 

en, Inventories 

</> Inventory Scripts 


ACCESS 


g Organizations 


TEMPLATES / Configure Banner 


Configure Banner 


DETAILS PERMISSIONS 


* NAME 


Configure Banner 


* INVENTORY @ PROMPT ON LAUNCH 


Q | Workshop Inventory 


CREDENTIAL @ PROMPT ON LAUNCH 


Q €. Workshop Credential ж 


* VERBOSITY Ө PROMPT ON LAUNCH 


0 (Normal) 


LABELS @ 


NOTIFICATIONS 


DESCRIPTION 


* PROJECT @ 


Q ` Workshop Project 


FORKS Ө 


0 


JOB TAGS Ө PROMPT ON LAUNCH 


INSTANCE GROUPS @ 


COMPLETED JOBS SCHEDULES 


EDIT SURVEY 


* JOB TYPE @ PROMPT ON LAUNCH 


Run 


* PLAYBOOK @ 


network_banner.yml 


LIMIT @ С) PROMPT ON LAUNCH 


SKIP TAGS @ PROMPT ON LAUNCH 


JOB SLICING @ 


ADD SURVEY 


< RedHat 


Creating a Survey (2/2) 


The Add Survey window allows the Job Template to prompt users for one or more questions. 
The answers provided become variables for use in the Ansible Playbook. 


CONFIGURE BANNER | SURVEY (ШЕ) 


EDIT SURVEY PROMPT PREVIEW 
* PROMPT * PLEASE ENTER THE BANNER TEXT 
Please enter the banner text Please type into the text field the desired banner 


DESCRIPTION HH D 10) 


Please type into the text field the desired banner 


* ANSWER VARIABLE NAME Ө 


net_banner 


* ANSWER TYPE @ 


Textarea M 
MINIMUM LENGTH MAXIMUM LENGTH 
0 2 4096 
DEFAULT ANSWER 
< RedHat 
м REQUIRED 


Using a Survey 


When launching a job, the user will now be prompted with the Survey. The user can 
be required to fill out the Survey before the Job Template will execute. 


TEMPLATES 
VIEWS 


@ Dashboard 
г" Jobs j| SURVEY 


fa Schedules * PLEASE ENTER THE BANNER TEXT 


Please type into the text field the desired banner ed | Name (Ascending) 


7 € 


CONFIGURE BANNER 


ПП MyView 


RESOURCES 


Lë Templates 4 


Credentials 
CANCEL 


Projects 


Inventories Network-Restore Job Template 
Inventory Scripts 
Network-System Job Template 
ACCESS 
Organizations Network-Time Job Template 
Ф Users 


Network-User Job Template à 
db Teams Ф RedHat 


ADMINISTRATION ITEMS 1-7 
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Exercise /- Creating a Survey 


Demonstrate the use of Ansible Tower survey feature 


Approximate time: 15 mins 


б, Red Hat 


Exercise 8 


Topics Covered: 
e Understanding Organizations 
e Understanding Teams 


e Understanding Users 


"A Red Hat 
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< RedHat 


Role Based Access Control (RBAC) 


Role-Based Access Controls (RBAC) are 
built into Ansible Tower and allow 
administrators to delegate access to 
inventories, organizations, and more. 
These controls allow Ansible Tower to 
help you increase security and streamline 
management of your Ansible automation. 


< RedHat 


User Management 


e An organization is а logical collection of users, 
teams, projects, inventories and more. All entities Weg 
belong to an organization with the exception of 
users. 


[ Organizations 


e A user is an account to access Ansible Tower and 
its services given the permissions granted to it. 


e Teams provide a means to implement role-based 
access control schemes and delegate 
responsibilities across organizations. 


< RedHat 


Viewing Organizations 
Clicking on the Organizations button 
will open up the Organizations window 


uM in the left menu 
E] Organizations 


= ORGANIZATIONS 
VIEWS 


В Dashboard ORGANIZATIONS 


Z* Jobs 
ta Schedules 


[T] мумем Default REDHAT COMPUTE ORGANIZATION 
RESOURCES В USERS TEAMS В USERS TEAMS 


(F Templates 
«B INVENTORIES PROJECTS ЖІВ INVENTORIES € PROJECTS 


Credentials 
«B JOBTEMPLATES ADMINS ІВ JOB TEMPLATES «B ADMINS 


Projects 


Inventories 
REDHAT NETWORK ORGANIZATION 


Inventory Scripts 


USERS TEAMS 
ACCESS 


«B INVENTORIES PROJECTS 


Organizations 


T ADMI 
oes В JOB TEMPLATES DMINS 


L 
485 Teams 
ITEMS 1-3 


< RedHat 


Viewing Teams 


Clicking on the Teams button 
will open up the Teams window 


@) Dashboard 

Dt Jobs 

e Schedules 

ПП My View 
RESOURCES 

(2 Templates 

Qg Credentials 

Be Projects 

Sa Inventories 

</> Inventory Scripts 


ACCESS 


BÀ Organizations 


9 
e Users 


Së Teams 


ADMINISTRATION 


TEAMS GER 


NAME “ 


Compute T1 


Compute T2 


Netadmin 


Netops 


in the left menu 


Q 

ORGANIZATION $ 

REDHAT COMPUTE ORGANIZATION 
REDHAT COMPUTE ORGANIZATION 
REDHAT NETWORK ORGANIZATION 


REDHAT NETWORK ORGANIZATION 


ACTIONS 


ITEMS 1-4 


Viewing Users 


Clicking on the Users button & in the left menu 
will open up the Users window 


VIEWS 


@ Dashboard USERS ҒӘ 


Z* Jobs 
Q 
t Schedules 


m ЖУЙ USERNAME ^ FIRST NAME $ LAST NAME $ ACTIONS 
y View 
admin 
RESOURCES 


Templates bbelcher Bob Belcher 


Credentials gbelcher Gene Belcher 


Projects Ibelcher Louise Belcher 


Inventories i ; 
libelcher Linda Belcher 


Inventory Scripts 
network-admin Larry Niven 


ACCESS 
network-operator Issac Assimov 


B Organizations 


tbelcher Tina Belcher 


ITEMS 1-8 
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Exercise 8 - Understanding RBAC 


The objective of this exercise is to understand Role Based Access Controls (RBAC) 


Approximate time: 15 mins 


б, Red Hat 


Exercise 9 


Topics Covered: 
e Understanding Workflows 


o Branching 


о Convergence / Joins 
о Conditional Logic 


"A Red Hat 
Ansible Automation 
Platform 


< RedHat 


Workflows can be found alongside Job Templates by clicking the 
Templates button under the RESOURCES section on the left menu. 


TEMPLATES 
VIEWS 


(b Dashboard TEMPLATES @ 


Z* Jobs 
fà Schedules 

(64511141404 Expanded Мате (Ascending) v 
П wyview | Compact | 


Demo Job Template Job Template 
RESOURCES J P 3 & 


7 
la Templates Network-Commands _ Job Template 


Ga Credentials 
Network-Restore Job Template 
E Projects 


sa Inventories Network-System Job Template 


</> Inventory Scripts 


Network-Time Job Template 
ACCESS 


Organizations 


Network-User Job Template 


ge @ RedHat 
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Adding a new Workflow Template 


To add a new Workflow click on the green + button 
This time select the Workflow Template 


TEMPLATES 
VIEWS 


gp Dashboard TEMPLATES 


{% Jobs 


t Schedules 
Job Template 
TTT Mar View Workflow Template 


Backup network configurations Job Template = 
RESOURCES 


^ 
Е Templates Configure Banner ` Job Template 


Qg Credentials 


Demo Job Template Job Template 
Em Projects 


ША Inventories Network-Commands Job Template 
</> Inventory Scripts 
Network-Restore Job Template 


ACCESS 


Organizations Network-System Job Template & Red Hat 


Creating the Workflow 
Fill out the required parameters and click SAVE. As soon as the 
Workflow Template is saved the WORKFLOW VISUALIZER will open. 


TEMPLATES / WORKSHOP WORKFLOW 
VIEWS 


ФР Dashboard 
WORKSHOP WORKFLOW 


DETAILS PERMISSIONS NOTIFICATIONS COMPLETED JOBS SCHEDULES ADD SURVEY 


{% Jobs 


e Schedules 


| WORKFLOW VISUALIZER 


RESOURCES * NAME DESCRIPTION ORGANIZATION 


ЕЕ — WORKSHOP WORKFLOW Q | Default 


Ө, Credentials INVENTORY Ө PROMPT ON LAUNCH LABELS Ө OPTIONS 


Workshop Invento ENABLE CONCURRENT JOBS @ 
Мы, Projects a P tr 


Шы Inventories EXTRA VARIABLES Ө ЛП PROMPT ON LAUNCH 


</> Inventory Scripts dl == 


ACCESS & Red Hat 


Organizations 


Workflow Visualizer 


The workflow visualizer will start as a blank canvas. 


WORKFLOW VISUALIZER | WORKSHOP WORKFLOW 


© TOTAL NODES G9 o 


< RedHat 


Visualizing a Workflow 


Workflows can branch out, or converge in. 


Blue indicates this Job 
Template will always run 


SEI ——————— Backup network configuratio... 


Green indicates this Job 


Template will only be run if the 
previous Job Template is 
successful 


Configure Banner 


Restore Network Config 


Red indicates this Job 
Template will only be run if the 
previous Job Template fails 
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Exercise 9 - Creating а Workflow 


Demonstrate the use of Ansible Tower workflow 


Approximate time: 15 mins 
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Next Steps 


GET STARTED 


ansible.com/get-started 


ansible.com/tower-trial 


WORKSHOPS & TRAINING 


ansible.com/workshops 


Red Hat Training 


JOIN THE COMMUNITY 


ansible.com/community 


SHARE YOUR STORY 


Follow us @Ansible 


Friend us on Facebook 


@ RedHat 


Chat with us 


e Slack 


https://ansiblenetwork.slack.com 
Join by clicking here http://bit.ly/ansibleslack 


e IRC 
#ansible-network on freenode 
http://webchat.freenode.net/?channels=ansible-network 


< RedHat 


Bookmark the Github organization 


e Examples, samples 
and demos 


e Run network 
topologies right on 
your laptop 


С) Why GitHub? Enterprise Explore Marketplace Pricing Search Signin | Sign up | 


Network Automation 


A community for network automation. To join email us at ansible-network@redhat.com with your github user-id and we will invite you 
to join! 


Durham, NC https://www.ansible.co... ansible-networkGredhat... 


EJ Repositories зз Packages People 33 Projects 


Pinned repositories 


EJ ansible inventory report 


This repo contains an Ansible networking 
inventory report playbook (inventory.yml). This 
playbook exports hostname, platform, mgmt0 IP 
address and code version to a HTML file. The 
jinja2 template u... 


@нтм! *oe3 Yos 


EJ infoblox ansible 


examples of Ansible with Infoblox NIOS 


Grow your team on GitHub 
GitHub is home to over 36 million developers working together. Join them to grow your own 
development teams, manage permissions, and collaborate on projects. 


EJ networking-icons 


Repo containing various networking icons 
including routers, switches, servers, firewalls, 
load balancers and more. Icons are provided in 
png and svg formats 


*зз $6 


EJ agnostic example 


cli command and cli config agnostic network 
automation modules for the network cli 
connection plugin 


* %4 


Dismiss 


ansible-napalm-samples 


GitHub Repo comparing NAPALM and Ansible on 
Cisco NXOSv and Arista vEOS 


G Python wes %15 


EJ tower workshop 


Exercises to be used with the Tower Workshop 


Thank you 


linkedin.com/company/red-hat 


youtube.com/AnsibleAutomation 


facebook.com/ansibleautomation 


twitter.com/ansible 


github.com/ansible 


